[VIM] The Week of Oracle Database Bugs (fwd)

security curmudgeon jericho at attrition.org
Mon Nov 20 16:34:43 EST 2006

Last week I blogged about the MoKB:


At the end I asked what other people would like to see:

   In the months and years to come, what else will we see? What would you
   like to see the most.. Month of ______ Bugs.

One of our guys wanted a Month of Database Bugs! I guess a Week of Oracle 
will suffice =)

---------- Forwarded message ----------
From: Cesar <cesarc56 at yahoo.com>
To: full-disclosure at lists.grok.org.uk
Date: Mon, 20 Nov 2006 13:25:31 -0800 (PST)
Subject: [Full-disclosure] The Week of Oracle Database Bugs

The Week of Oracle Database Bugs
Based on the great idea of H D Moore "Month of Browser
Bugs" and LMH "Month of Kernel Bugs", we are proud to
announce that we are starting on December the "Week of
Oracle Database Bugs" (WoODB).

What is the WoODB about?
An Oracle Database 0day will be released every day for
a week on December.

Why are you doing this?
We want to show the current state of Oracle software
("in")security also we want to demostrate Oracle isn't
getting any better at securing its products (you
already know the history: two years or more to fix a
bug, not fixing bugs, failing to fix bugs, lying about
security efforts, etc, etc, etc.).

Why are you targeting only Oracle?
We have 0days for all Database software vendors but
Oracle is "The #1 Star" when talking about lots of
unpatched vulnerabilities and not caring about

Why not the Month of Oracle Database Bugs?
We could do the Year of Oracle Database Bugs but we
think a week is enough to show how flawed Oracle
software is, also we don't want to give away all our
0days:), anyways if you want to contribute send your
Oracle 0days so this can be extended for another week
or more.



Sponsored Link

Compare mortgage rates for today.
Get up to 5 free quotes.

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

More information about the VIM mailing list